Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

# MHG Security Team --- OzzyWork Gallery SQL Injection

[SA20006] EPublisherPro "title" Cross-Site Scripting Vulnerability

[SA20043] EImagePro SQL Injection Vulnerabilities

[SA20017] EDirectoryPro "keyword" Parameter SQL Injection

From:	alp_eren_(at)_ayyildiz.org <alp_eren_(at)_ayyildiz.org>
Date:	09.05.2006
Subject:	plaNetStat Admin ByPass

software version
===========
http://www.planetc.de
plaNetStat Version  27.01.2005

description
=============
planetstat admin bypass see the web sites log files and to do log settings.

google dork: "plaNetStat"

example;
www.site.com/planetstat or [path]/admin.php
www.site.com/planetstat or [path]/settings.php

alp_eren[at]ayyildiz[dot]com
www[dot]ayyildiz[dot]org

Greets to Thehacker,iskorpitx,shadow,suskun, and all AYT member.